802.1X Port-Based Authentication HOWTO - Lars Strand (spicy books to read .TXT) 📗
- Author: Lars Strand
- Performer: -
Book online «802.1X Port-Based Authentication HOWTO - Lars Strand (spicy books to read .TXT) 📗». Author Lars Strand
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
rlm_eap: Loaded and initialized type tls
peap: default_eap_type = "mschapv2" (3)
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
......
Module: Loaded files
files: usersfile = "/usr/local/etc/raddb/users" (4)
......
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests. (5)
(1) Default EAP type is set to PEAP.
(2) RADIUS's TLS settings are initiated here. The certificate type,
location, and password are listet here.(3) Inside the PEAP tunnel, MS-CHAPv2 is used.
(4) The username/password information is found in the users file.
(5) RADIUS server started successfully. Waiting for incoming requests.
The radius server is now ready to process requests!
The most interesting output is included above. If you get any error
message instead of the last line, go over the configuration (above)
carefully.
Now the Supplicant is ready to get authenticated. Start Xsupplicant in
debug mode. Note that we'll see output produced by the two startup
scripts: startup.sh and startup2.sh.
# xsupplicant -c /usr/local/etc/1x/1x.conf -i eth0 -d 6
Starting /etc/1x/startup.sh
Finished /etc/1x/startup.sh
Starting /etc/1x/startup2.sh
Finished /etc/1x/startup2.sh
At the same time, the RADIUS server is producing a lot of output. Key
snippets are shown below:
......
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS (1)
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK (2)
rlm_eap_peap: Session established. Decoding tunneled attributes.
Comments (0)